<? include ("../init.php") ?>
<?
  foreach($_POST as $k=>$v){
    $$k = $v;
  }
  
  $q_email = $db->queryUniqueValue("SELECT m_email FROM hs_member WHERE m_email LIKE '$email' AND m_id!=$m_id");
  
  if($q_email==NULL OR $q_email==''){
    
    if($password!=''){
      $pass_sql = "m_password=MD5('$password'),";
    }
    $time_ = time();
    $sql = <<<sql
            UPDATE hs_member SET 
                m_name='$f_name',
                m_lastname='$l_name',
                m_company='$c_name',
                m_position='$position',
                m_email='$email',
                m_phone='$phone',
                m_url='$url',
                m_address='$address',
                m_city='$city',
                m_postcode='$post_code',
                m_state='$state',
                m_country='$country',
                m_knowhow='$know',
                $pass_sql
                m_level='$level',
                m_update = '$time_',
                m_enews='$newsletter',
                m_confirm='$confirm'
                WHERE m_id=$m_id
sql;
    
    $db->execute($sql);
    alert('User has been successfuly edited.');
  }else{
    alert('Email is already existed.');
  }
  
  redirect("index.php");
?>